[Filebeat] Add ThreatQuotient to Threat Intel Module #27423

Closed
10 of 11 tasks
peasead opened this issue Aug 17, 2021 · 8 comments · Fixed by #28314

Comments

@peasead
Contributor

peasead commented Aug 17, 2021

Module / Dataset release checklist

This checklist is intended for Devs who create or update a module to make sure modules are consistent.

Modules

For a metricset to go GA, the following criteria should be met:

  • Supported versions are documented
  • Supported operating systems are documented (if applicable)
  • Integration tests exist
  • System tests exist
  • Automated checks that all fields are documented
  • Documentation
  • Fields follow ECS and naming conventions
  • Dashboards exist (if applicable)
  • Kibana Home Tutorial (if applicable)
    • Open PR against Kibana repo with tutorial. Examples can be found here.

Filebeat module

  • Test log files exist for the grok patterns
  • Generated output for at least 1 log file exists

CC @wanusmaximus

@elasticmachine
Collaborator

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

botelastic bot added and then removed the needs_team label (Indicates that the issue/PR needs a Team:* label) on Aug 17, 2021
@botelastic

botelastic bot commented Aug 17, 2021

This issue doesn't have a Team:<team> label.

@peasead
Contributor Author

peasead commented Aug 26, 2021

@wanusmaximus can you make any updates to the progress here in this Issue, please?

Thanks in advance.

@wanusmaximus
Contributor

@peasead Let me know if there are any actions that I need to make on my side.

@peasead
Contributor Author

peasead commented Sep 9, 2021

There were some blockers on the PR, not sure if those have been addressed or if those are things you can do?

@peasead
Contributor Author

peasead commented Oct 1, 2021

This won't make 7.15, but it's in the pipeline now. Release in 7.15.1 or 7.16.

@P1llus may have more to update.

@P1llus
Member

P1llus commented Oct 1, 2021

I can help get this merged at the start of next week, sorry for the delay :(

@peasead
Contributor Author

peasead commented Oct 7, 2021

Updated checklists, PR open.

P1llus referenced this issue Oct 19, 2021
…28314)

* [Filebeat] Add ThreatQuotient to Threat Intel Module elastic#27423

* generating golden files

* updating pipeline, adding some more configuration options and such

* updating dashboard import, and adding filter to dashboard

* mage update

* update docs and add image

* Update CHANGELOG.next.asciidoc

Co-authored-by: Marc Guasch <marc-gr@users.noreply.github.com>

Co-authored-by: Marius Iversen <marius.iversen@elastic.co>
Co-authored-by: Marc Guasch <marc-gr@users.noreply.github.com>
Icedroid referenced this issue in Icedroid/beats Nov 1, 2021
…lastic#28314)